The Hanken password policy is approved by ITR on 7.3.2017
All passwords to Hanken IT-systems have to comply to the following:
- Passwords for all usernames (also rare temporary usernames like guest ids) have to be change within 400 days.
When the time limit comes closer an automatic reminder is sent via the Hanken-email to the owner.
- The password has to be
- long enough, minimun 12 characters,
- and complex enough and consist of characters from at least three of the following categories
- lower case letters a-z
- UPPERCASE letters A-Z
- numbers 0-9
- special characters, like #,!,% -
- Old passwords cannot be reused
- Repeated login attempts with the wrong password, results in a locked account for a while.
- It is forbidden to use the password for your Hanken username on other than Hanken IT services (e.g. gmail, facebook, etc).
- A password is classified information and cannot, for example, be sent uncrypted with e-mail.
- Your Hanken-password is valid for many services, e.g. Moodle, Hanna, Library databases, Hanken MyWeb, WebOodi, Office 365 etc.
- A description of what kind of passwords are good, you find under 10 points about passwords.
- You can change your password on a Hanken computer, or outside Hanken via a selfservice portal.
- More details about the password server on the webpages.
This policy is valid from 3.4.2017